authentik/passbook/factors/otp/factors.py

"""OTP Factor logic"""
from django.contrib import messages
from django.utils.translation import gettext as _
from django.views.generic import FormView
from django_otp import match_token, user_has_device
from structlog import get_logger

from passbook.factors.otp.forms import OTPVerifyForm
from passbook.factors.otp.views import OTP_SETTING_UP_KEY, EnableView
from passbook.flows.factor_base import AuthenticationFactor
from passbook.flows.planner import PLAN_CONTEXT_PENDING_USER

LOGGER = get_logger()


class OTPFactor(FormView, AuthenticationFactor):
    """OTP Factor View"""

    template_name = "otp/factor.html"
    form_class = OTPVerifyForm

    def get_context_data(self, **kwargs):
        kwargs = super().get_context_data(**kwargs)
        kwargs["title"] = _("Enter Verification Code")
        return kwargs

    def get(self, request, *args, **kwargs):
        """Check if User has OTP enabled and if OTP is enforced"""
        pending_user = self.executor.plan.context[PLAN_CONTEXT_PENDING_USER]
        if not user_has_device(pending_user):
            LOGGER.debug("User doesn't have OTP Setup.")
            if self.executor.current_factor.enforced:
                # Redirect to setup view
                LOGGER.debug("OTP is enforced, redirecting to setup")
                request.user = pending_user
                messages.info(request, _("OTP is enforced. Please setup OTP."))
                return EnableView.as_view()(request)
            LOGGER.debug("OTP is not enforced, skipping form")
            return self.executor.user_ok()
        return super().get(request, *args, **kwargs)

    def post(self, request, *args, **kwargs):
        """Check if setup is in progress and redirect to EnableView"""
        if OTP_SETTING_UP_KEY in request.session:
            LOGGER.debug("Passing POST to EnableView")
            request.user = self.executor.plan.context[PLAN_CONTEXT_PENDING_USER]
            return EnableView.as_view()(request)
        return super().post(self, request, *args, **kwargs)

    def form_valid(self, form: OTPVerifyForm):
        """Verify OTP Token"""
        device = match_token(
            self.executor.plan.context[PLAN_CONTEXT_PENDING_USER],
            form.cleaned_data.get("code"),
        )
        if device:
            return self.executor.factor_ok()
        messages.error(self.request, _("Invalid OTP."))
        return self.form_invalid(form)
totp => otp, integrate with factors, new setup form 2019-02-25 11:29:40 +00:00			`"""OTP Factor logic"""`
			`from django.contrib import messages`
			`from django.utils.translation import gettext as _`
			`from django.views.generic import FormView`
			`from django_otp import match_token, user_has_device`
*(minor): stdlib logging to structlog 2019-10-01 08:24:10 +00:00			`from structlog import get_logger`
totp => otp, integrate with factors, new setup form 2019-02-25 11:29:40 +00:00
*(minor): small refactor 2019-10-07 14:33:48 +00:00			`from passbook.factors.otp.forms import OTPVerifyForm`
			`from passbook.factors.otp.views import OTP_SETTING_UP_KEY, EnableView`
flows/: more migration progress, consolidate views 2020-05-07 19:30:52 +00:00			`from passbook.flows.factor_base import AuthenticationFactor`
flows: complete migration to FlowExecutorView, fully use context 2020-05-08 14:10:27 +00:00			`from passbook.flows.planner import PLAN_CONTEXT_PENDING_USER`
totp => otp, integrate with factors, new setup form 2019-02-25 11:29:40 +00:00
*(minor): remove __name__ param from get_logger 2019-10-04 08:08:53 +00:00			`LOGGER = get_logger()`
totp => otp, integrate with factors, new setup form 2019-02-25 11:29:40 +00:00
all: implement black as code formatter 2019-12-31 11:51:16 +00:00
totp => otp, integrate with factors, new setup form 2019-02-25 11:29:40 +00:00			`class OTPFactor(FormView, AuthenticationFactor):`
			`"""OTP Factor View"""`

all: implement black as code formatter 2019-12-31 11:51:16 +00:00			`template_name = "otp/factor.html"`
totp => otp, integrate with factors, new setup form 2019-02-25 11:29:40 +00:00			`form_class = OTPVerifyForm`

cleanup, fix Permission Denied when Cancelling login, fix display of messages on login template 2019-02-25 12:02:50 +00:00			`def get_context_data(self, **kwargs):`
			`kwargs = super().get_context_data(**kwargs)`
all: implement black as code formatter 2019-12-31 11:51:16 +00:00			`kwargs["title"] = _("Enter Verification Code")`
cleanup, fix Permission Denied when Cancelling login, fix display of messages on login template 2019-02-25 12:02:50 +00:00			`return kwargs`

totp => otp, integrate with factors, new setup form 2019-02-25 11:29:40 +00:00			`def get(self, request, args, *kwargs):`
			`"""Check if User has OTP enabled and if OTP is enforced"""`
flows: complete migration to FlowExecutorView, fully use context 2020-05-08 14:10:27 +00:00			`pending_user = self.executor.plan.context[PLAN_CONTEXT_PENDING_USER]`
			`if not user_has_device(pending_user):`
totp => otp, integrate with factors, new setup form 2019-02-25 11:29:40 +00:00			`LOGGER.debug("User doesn't have OTP Setup.")`
flows: complete migration to FlowExecutorView, fully use context 2020-05-08 14:10:27 +00:00			`if self.executor.current_factor.enforced:`
totp => otp, integrate with factors, new setup form 2019-02-25 11:29:40 +00:00			`# Redirect to setup view`
			`LOGGER.debug("OTP is enforced, redirecting to setup")`
flows: complete migration to FlowExecutorView, fully use context 2020-05-08 14:10:27 +00:00			`request.user = pending_user`
all: implement black as code formatter 2019-12-31 11:51:16 +00:00			`messages.info(request, _("OTP is enforced. Please setup OTP."))`
cleanup, fix Permission Denied when Cancelling login, fix display of messages on login template 2019-02-25 12:02:50 +00:00			`return EnableView.as_view()(request)`
totp => otp, integrate with factors, new setup form 2019-02-25 11:29:40 +00:00			`LOGGER.debug("OTP is not enforced, skipping form")`
flows: complete migration to FlowExecutorView, fully use context 2020-05-08 14:10:27 +00:00			`return self.executor.user_ok()`
totp => otp, integrate with factors, new setup form 2019-02-25 11:29:40 +00:00			`return super().get(request, args, *kwargs)`

			`def post(self, request, args, *kwargs):`
			`"""Check if setup is in progress and redirect to EnableView"""`
			`if OTP_SETTING_UP_KEY in request.session:`
			`LOGGER.debug("Passing POST to EnableView")`
flows: complete migration to FlowExecutorView, fully use context 2020-05-08 14:10:27 +00:00			`request.user = self.executor.plan.context[PLAN_CONTEXT_PENDING_USER]`
cleanup, fix Permission Denied when Cancelling login, fix display of messages on login template 2019-02-25 12:02:50 +00:00			`return EnableView.as_view()(request)`
totp => otp, integrate with factors, new setup form 2019-02-25 11:29:40 +00:00			`return super().post(self, request, args, *kwargs)`

			`def form_valid(self, form: OTPVerifyForm):`
			`"""Verify OTP Token"""`
flows: complete migration to FlowExecutorView, fully use context 2020-05-08 14:10:27 +00:00			`device = match_token(`
			`self.executor.plan.context[PLAN_CONTEXT_PENDING_USER],`
			`form.cleaned_data.get("code"),`
			`)`
totp => otp, integrate with factors, new setup form 2019-02-25 11:29:40 +00:00			`if device:`
flows: complete migration to FlowExecutorView, fully use context 2020-05-08 14:10:27 +00:00			`return self.executor.factor_ok()`
all: implement black as code formatter 2019-12-31 11:51:16 +00:00			`messages.error(self.request, _("Invalid OTP."))`
totp => otp, integrate with factors, new setup form 2019-02-25 11:29:40 +00:00			`return self.form_invalid(form)`